CVE-2009-2903 Information

Description

Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31 when the appletalk and ipddp modules are loaded but the ipddp\N\ device is not found allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.

Reference

http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git;a=commit;h=ffcfb8db540ff879c2a85bf7e404954281443414 http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html http://secunia.com/advisories/36707 http://secunia.com/advisories/37105 http://secunia.com/advisories/37909 http://www.mandriva.com/security/advisories?name=MDVSA-2009:329 http://www.openwall.com/lists/oss-security/2009/09/14/1 http://www.openwall.com/lists/oss-security/2009/09/14/2 http://www.openwall.com/lists/oss-security/2009/09/17/11 http://www.securityfocus.com/bid/36379 http://www.ubuntu.com/usn/USN-852-1 https://bugzilla.redhat.com/show_bug.cgi?id=522331